<?php

if (!$include_vars) {
   require_once('../includes/config.inc');
   require_once('../includes/variables.inc');
   require_once('../includes/libccramp.inc');
   ?><html><head>
   <title>Add new C-Cramp user</title><style>
   <?php
   include_once('../themes/default/default.css');
   ?></style>
   <script language="javascript" type="text/javascript">
   function getElementsByClassName (searchClass, node, tag) {
	   var classElements = new Array();
	   if ( node == null )
		   node = document;
	   if ( tag == null )
		   tag = '*';
	   var els = node.getElementsByTagName(tag);
	   var elsLen = els.length;
	   var pattern = new RegExp("(^|\\s)"+searchClass+"(\\s|$)");
	   for (i = 0, j = 0; i < elsLen; i++) {
		   if ( pattern.test(els[i].className) ) {
			   classElements[j] = els[i];
			   j++;
		   }
	   }
	   return classElements;
   }
   
   // function for switching one class to another class
   // requirements: getElementsByClassName()
   function switchElementClassName (inClass, outClass) {
      var elementClasses = getElementsByClassName(inClass);
      for (var i = 0; i < elementClasses.length; i++) {
         elementClasses[i].className = outClass;
      }
   }
   </script>

   </head><body>
   <?php
}
if ($do === 'insertUser') {
   $encryptedStaffPwd = (md5(strtolower(trim($_POST['staffUsr'])) . strtolower(trim($_POST['staffPwd']))));
   $staffApprovalSql = " 
      SELECT `id` FROM `users` WHERE 
      (`username`='".mysql_real_escape_string($_POST[staffUsr])."') 
      AND (`password`='".mysql_real_escape_string($encryptedStaffPwd)."')
      AND (`rights`>'2') ";
   //echo ($staffApprovalSql);
   $staffApprovalQuery = mysql_query($staffApprovalSql) or die(mysql_error());
   if ($staffApprovalResult = mysql_fetch_array($staffApprovalQuery)) {
   	if ($_POST['password'] != $_POST['password_confirm']) {
	     echo('<span class="alert">Sorry, try again; Your passwords did not match.</span><br />');
      } elseif (mysql_fetch_row(mysql_query("SELECT * FROM `users` WHERE `username`='".$_POST['username']."' "))) {
   	  echo('<span class="alert">That user name is already taken.  Try another one.</span><br />');
	   } else {
   	$encrypted_passwd = (md5(strtolower(trim($_POST['username'])) . strtolower(trim($_POST['password']))));
      $addUsrQuery = mysql_query("
         INSERT INTO `users` 
         SET 
         `username`='".mysql_real_escape_string(strtolower($_POST['username']))."',
         `password`='".$encrypted_passwd."',
         `passwd`='".mysql_real_escape_string($encrypted_passwd)."',
         `name`='".mysql_real_escape_string($_POST['name'])."',
         `nickname`='".mysql_real_escape_string($_POST['nickname'])."',
         `rights`='".$_POST['rights']."',
         `hire_date`='".$_POST['hire_date']."',
         `comments`='".mysql_real_escape_string($_POST['comments'])."',
         `category`='".$_POST['category']."',
         `is_staff`='".$_POST['is_staff']."',
         `status`='".$_POST['is_current']."',
         `email`='".mysql_real_escape_string($_POST['email'])."',
         `phone`='".mysql_real_escape_string($_POST['phone'])."'  ");
      }
      if ($addUsrQuery) {
         echo('user successfully created!  <a href="'.$HTTP_DIR.'">Start playing!</a>');
      }
   } else {
      echo ("The staff user password, username, or permissions are incorrect for adding a new user. <br />");
      printf('<a href="%smode/addUsr.php">Try again</a>.',$HTTP_DIR);
   }
    
} else if (!$do) {
?>	
<form name="addUsr" action="<?=$_SERVER['PHP_SELF']?>" method="post">
<table>

<tr class="normAddUsrRow">
<td>Full Legal Name: </td>
<td><input type="text" name="name" autocomplete="off" /></td>
</tr>

<tr class="normAddUsrRow">
<td>handle/nick: </td>
<td><input type="text" name="nickname" autocomplete="off" /> (required)</td>
</tr>

<tr class="normAddUsrRow">
<td>Username: </td>
<td><input type="text" name="username" autocomplete="off" /></td>
</tr>

<tr class="normAddUsrRow">
<td>Password: </td>
<td><input type="password" name="password" autocomplete="off" /></td>
</tr>

<tr class="normAddUsrRow">
<td>Confirm Password: </td>
<td><input type="password" name="password_confirm" autocomplete="off" /></td>
</tr>

<tr class="normAddUsrRow">
<td>E-mail Address: </td>
<td><input type="text" name="email" autocomplete="off" /></td>
</tr>

<tr class="normAddUsrRow">
<td>Phone #: </td>
<td><input type="text" name="phone" autocomplete="off" /></td>
</tr>

<tr class="hiddenAddUsrRow">
<td colspan="2" style="text-align: center;"><h3>***for staff use only***</h3></td>
</tr>

<tr class="hiddenAddUsrRow">
<td>Permissions:</td>
<td><select name="rights">
   <option value="0">Banninated</option>
   <option value="1" selected="selected">DJ</option>
   <option value="2">DJ &amp; Reviewer</option>
   <option value="3">3</option>
   <option value="4">4</option>
   <option value="5">5</option>
   <option value="6">6</option>
   <option value="7">7</option>
   <option value="8">8</option>
   <option value="9">9</option>
</select></td>
</tr>

<tr class="hiddenAddUsrRow">
<td>Category: </td>
<td><select name="category">
<option value="">unknown</option><?php
$category_result = mysql_query("SELECT `id`,`category`,`default` FROM `category` ORDER BY `category`");
while ($category_row = mysql_fetch_row($category_result)) {
?><option value="<?=$category_row[0]?>"<?php 
if ($category_row[2]){
print(' selected="selected"');
}
?>><?=$category_row[1]?></option>
<?php
}
?></select></td>
</tr>

<tr class="hiddenAddUsrRow">
<td>Hire Date: </td>
<td><input type="text" name="hire_date" size="10" value="<?=date("Y-m-d")?>" /> (YYYY-MM-DD)</td>
</tr>

<tr class="hiddenAddUsrRow">
<td></td>
<td><input type="checkbox" name="status" value="1" /> This user is a current DJ <br />
<input type="checkbox" name="is_staff" value="1" /> This user is a current staff member <br />
<input type="hidden" name="mode" value="useradd" />
<input type="hidden" name="do" value="insertUser" /></td>
</tr>

<tr class="hiddenAddUsrRow">
<td>Comments: </td>
<td><textarea name="comments"></textarea></td>
</tr>

<?php 
if (!$U_[rights]) {
?>
<tr class="hiddenAddUsrRow">
<td colspan="2">
<br />
<hr style="width: 180px;" />
<br />
</td>
</tr>

<tr class="hiddenAddUsrRow">
<td>staff username:</td>
<td><input type="text" name="staffUsr" /> (required to add users)
</td>
</tr>

<tr class="hiddenAddUsrRow">
<td>staff password:</td>
<td><input type="password" autocomplete="off" name="staffPwd" /></td>
</tr>
<?php 
}
?>
<tr class="hiddenAddUsrRow">
<td></td>
<td>
<input type="submit" value="Add User" /><input type="reset" value="Cancel" /></td>
</tr>

<tr class="normAddUsrRow">
<td></td>
<td>
<button type="button" onClick="switchElementClassName('normAddUsrRow', 'hidden'); switchElementClassName('hiddenAddUsrRow', 'normal');">Next &gt;&gt;</button></td>
</tr>
</table>
<input type="hidden" name="mode" value="addUsr" />
</form>
<?php
}
?>


<?php 
if (!$include_vars) {
   ?></body></html><?php
}
?>